Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/ansible@2.9.0rc1

Type pypi

Namespace

Name ansible

Version 2.9.0rc1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.10.1rc2

Latest_non_vulnerable_version 12.2.0

Affected_by_vulnerabilities

url VCID-833d-up6b-rfe1

vulnerability_id VCID-833d-up6b-rfe1

summary A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10729

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20032
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10729

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1831089

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1831089

reference_url

https://github.com/advisories/GHSA-r6h7-5pq2-j77h

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-r6h7-5pq2-j77h

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst

reference_url

https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9

reference_url

https://github.com/ansible/ansible/issues/34144

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/issues/34144

reference_url

https://github.com/ansible/ansible/pull/67429

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/67429

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml

reference_url

https://www.debian.org/security/2021/dsa-4950

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4950

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10729

reference_id

CVE-2020-10729

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10729

fixed_packages

url pkg:pypi/ansible@2.9.6

purl pkg:pypi/ansible@2.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5t77-f231-6ffg

vulnerability	VCID-78m2-3fj5-tbh1

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-cuq1-se5h-vygd

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-ec6s-8f24-9bh7

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-hs3w-mah1-ckb5

vulnerability	VCID-p4p5-29r5-8qh9

vulnerability	VCID-pqj1-u787-g3aj

vulnerability	VCID-ptg6-bwz8-pud8

vulnerability	VCID-vhxq-1hqq-77bx

vulnerability	VCID-w2n8-uxbb-k7f9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6

aliases CVE-2020-10729, GHSA-r6h7-5pq2-j77h, PYSEC-2021-105

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-833d-up6b-rfe1

url VCID-8u2v-jtqe-dqg3

vulnerability_id VCID-8u2v-jtqe-dqg3

summary A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20228

reference_id

reference_type

scores

value	0.00243
scoring_system	epss
scoring_elements	0.47765
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20228

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1925002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1925002

reference_url

https://github.com/advisories/GHSA-5rrg-rr89-x9mv

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-5rrg-rr89-x9mv

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c

reference_url

https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b

reference_url

https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120

reference_url

https://github.com/ansible/ansible/pull/73487

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73487

reference_url

https://github.com/ansible/ansible/pull/73492

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73492

reference_url

https://github.com/ansible/ansible/pull/73493

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73493

reference_url

https://github.com/ansible/ansible/pull/73494

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73494

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml

reference_url

https://www.debian.org/security/2021/dsa-4950

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4950

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20228

reference_id

CVE-2021-20228

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20228

reference_url	https://access.redhat.com/errata/RHSA-2021:0663
reference_id	RHSA-2021:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0663

reference_url	https://access.redhat.com/errata/RHSA-2021:0664
reference_id	RHSA-2021:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0664

reference_url	https://access.redhat.com/errata/RHSA-2021:1079
reference_id	RHSA-2021:1079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1079

reference_url	https://access.redhat.com/errata/RHSA-2021:2180
reference_id	RHSA-2021:2180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2180

fixed_packages

url pkg:pypi/ansible@2.9.1

purl pkg:pypi/ansible@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2z4k-r21v-rfgx

vulnerability	VCID-5t77-f231-6ffg

vulnerability	VCID-78m2-3fj5-tbh1

vulnerability	VCID-7ben-361w-tkdr

vulnerability	VCID-7qnx-1gp2-v7bb

vulnerability	VCID-833d-up6b-rfe1

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-cuq1-se5h-vygd

vulnerability	VCID-cxts-25nq-4fcs

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-ec6s-8f24-9bh7

vulnerability	VCID-etb4-2qch-6kgw

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-gxw4-ydnj-fkfe

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-hq4d-92s2-vqg6

vulnerability	VCID-hs3w-mah1-ckb5

vulnerability	VCID-mbj9-3bnb-wbda

vulnerability	VCID-p4p5-29r5-8qh9

vulnerability	VCID-pqj1-u787-g3aj

vulnerability	VCID-ptg6-bwz8-pud8

vulnerability	VCID-qztj-r7zc-jue3

vulnerability	VCID-subj-aje2-93bk

vulnerability	VCID-vhxq-1hqq-77bx

vulnerability	VCID-vsv2-4d8c-m3g1

vulnerability	VCID-w2n8-uxbb-k7f9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1

url pkg:pypi/ansible@2.9.18rc1

purl pkg:pypi/ansible@2.9.18rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-p4p5-29r5-8qh9

vulnerability	VCID-pqj1-u787-g3aj

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1

url pkg:pypi/ansible@2.9.19

purl pkg:pypi/ansible@2.9.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19

url	pkg:pypi/ansible@2.10.6rc1
purl	pkg:pypi/ansible@2.10.6rc1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1

url pkg:pypi/ansible@2.10.6

purl pkg:pypi/ansible@2.10.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-p4p5-29r5-8qh9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6

aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2v-jtqe-dqg3

url VCID-am9g-ba4h-sfhr

vulnerability_id VCID-am9g-ba4h-sfhr

summary A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25635

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23595
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25635

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible-collections/community.aws/issues/222

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.aws/issues/222

reference_url

https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1880275
reference_id	1880275
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1880275

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-25635

reference_id

CVE-2020-25635

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-25635

reference_url	https://github.com/advisories/GHSA-f556-49jc-4rvc
reference_id	GHSA-f556-49jc-4rvc
reference_type
scores
url	https://github.com/advisories/GHSA-f556-49jc-4rvc

fixed_packages

url pkg:pypi/ansible@2.10.1

purl pkg:pypi/ansible@2.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-p4p5-29r5-8qh9

vulnerability	VCID-t2da-uh4n-yya2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1

aliases CVE-2020-25635, GHSA-f556-49jc-4rvc, PYSEC-2020-220

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am9g-ba4h-sfhr

url VCID-dkds-s3ad-cufa

vulnerability_id VCID-dkds-s3ad-cufa

summary information disclosure

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json

reference_url

https://access.redhat.com/security/cve/CVE-2021-3620

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2021-3620

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3620

reference_id

reference_type

scores

value	0.0029
scoring_system	epss
scoring_elements	0.52707
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3620

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1975767

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1975767

reference_url

https://github.com/advisories/GHSA-4r65-35qq-ch8j

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-4r65-35qq-ch8j

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes

reference_url

https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_url

https://security.archlinux.org/AVG-1941

reference_id

AVG-1941

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1941

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3620

reference_id

CVE-2021-3620

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3620

reference_url

https://access.redhat.com/errata/RHSA-2021:3871

reference_id

RHSA-2021:3871

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2021:3871

reference_url

https://access.redhat.com/errata/RHSA-2021:3872

reference_id

RHSA-2021:3872

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2021:3872

reference_url

https://access.redhat.com/errata/RHSA-2021:3874

reference_id

RHSA-2021:3874

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2021:3874

reference_url

https://access.redhat.com/errata/RHSA-2021:4703

reference_id

RHSA-2021:4703

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2021:4703

reference_url

https://access.redhat.com/errata/RHSA-2021:4750

reference_id

RHSA-2021:4750

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2021:4750

fixed_packages

url pkg:pypi/ansible@2.9.27

purl pkg:pypi/ansible@2.9.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.27

aliases CVE-2021-3620, GHSA-4r65-35qq-ch8j, PYSEC-2022-164

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkds-s3ad-cufa

url VCID-gm99-68bj-c3cz

vulnerability_id VCID-gm99-68bj-c3cz

summary arbitrary command execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3583

reference_id

reference_type

scores

value	0.00276
scoring_system	epss
scoring_elements	0.51238
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3583

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1968412

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1968412

reference_url

https://github.com/advisories/GHSA-2pfh-q76x-gwvm

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-2pfh-q76x-gwvm

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e

reference_url

https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847

reference_url

https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1

reference_url

https://github.com/ansible/ansible/pull/74960

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/74960

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_url

https://security.archlinux.org/AVG-2260

reference_id

AVG-2260

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2260

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3583

reference_id

CVE-2021-3583

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3583

reference_url	https://access.redhat.com/errata/RHSA-2021:2663
reference_id	RHSA-2021:2663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2663

reference_url	https://access.redhat.com/errata/RHSA-2021:2664
reference_id	RHSA-2021:2664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2664

fixed_packages

url pkg:pypi/ansible@2.9.23rc1

purl pkg:pypi/ansible@2.9.23rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23rc1

url pkg:pypi/ansible@2.9.23

purl pkg:pypi/ansible@2.9.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23

url	pkg:pypi/ansible@2.10.11rc1
purl	pkg:pypi/ansible@2.10.11rc1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.11rc1

url	pkg:pypi/ansible@2.11.2rc1
purl	pkg:pypi/ansible@2.11.2rc1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.11.2rc1

aliases CVE-2021-3583, GHSA-2pfh-q76x-gwvm, PYSEC-2021-358

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gm99-68bj-c3cz

url VCID-hjc4-jcfm-7be5

vulnerability_id VCID-hjc4-jcfm-7be5

summary information disclosure

references

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956477
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956477

reference_url

https://security.archlinux.org/AVG-2056

reference_id

AVG-2056

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2056

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3533
reference_id	CVE-2021-3533
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3533

fixed_packages

url	pkg:pypi/ansible@3.0.0
purl	pkg:pypi/ansible@3.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0

aliases CVE-2021-3533, PYSEC-2021-126

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hjc4-jcfm-7be5

url VCID-pqj1-u787-g3aj

vulnerability_id VCID-pqj1-u787-g3aj

summary A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20178

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08367
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20178

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1914774

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1914774

reference_url

https://github.com/advisories/GHSA-wv5p-gmmv-wh9v

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-wv5p-gmmv-wh9v

reference_url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes

reference_url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,

reference_url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C

reference_url

https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc

reference_url

https://github.com/ansible-collections/community.general/pull/1635

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.general/pull/1635

reference_url	https://github.com/ansible-collections/community.general/pull/1635,
reference_id
reference_type
scores
url	https://github.com/ansible-collections/community.general/pull/1635,

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id	985753
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753

reference_url	https://security.archlinux.org/ASA-202102-9
reference_id	ASA-202102-9
reference_type
scores
url	https://security.archlinux.org/ASA-202102-9

reference_url

https://security.archlinux.org/AVG-1437

reference_id

AVG-1437

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1437

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20178

reference_id

CVE-2021-20178

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20178

reference_url	https://access.redhat.com/errata/RHSA-2021:0663
reference_id	RHSA-2021:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0663

reference_url	https://access.redhat.com/errata/RHSA-2021:0664
reference_id	RHSA-2021:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0664

reference_url	https://access.redhat.com/errata/RHSA-2021:1079
reference_id	RHSA-2021:1079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1079

reference_url	https://access.redhat.com/errata/RHSA-2021:2180
reference_id	RHSA-2021:2180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2180

fixed_packages

url pkg:pypi/ansible@2.9.18

purl pkg:pypi/ansible@2.9.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18

aliases CVE-2021-20178, GHSA-wv5p-gmmv-wh9v, PYSEC-2021-106

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqj1-u787-g3aj

url VCID-vhxq-1hqq-77bx

vulnerability_id VCID-vhxq-1hqq-77bx

summary An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14330

reference_id

reference_type

scores

value	0.00218
scoring_system	epss
scoring_elements	0.4438
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14330

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330

reference_url

https://github.com/advisories/GHSA-785x-qw4v-6872

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-785x-qw4v-6872

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e

reference_url

https://github.com/ansible/ansible/issues/68400

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/issues/68400

reference_url

https://github.com/ansible/ansible/pull/69653

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/69653

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml

reference_url

https://www.debian.org/security/2021/dsa-4950

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4950

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1856815
reference_id	1856815
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1856815

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-14330

reference_id

CVE-2020-14330

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-14330

reference_url	https://access.redhat.com/errata/RHSA-2020:3600
reference_id	RHSA-2020:3600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3600

fixed_packages

url pkg:pypi/ansible@2.9.12

purl pkg:pypi/ansible@2.9.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5t77-f231-6ffg

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-dkds-s3ad-cufa

vulnerability	VCID-gm99-68bj-c3cz

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-p4p5-29r5-8qh9

vulnerability	VCID-pqj1-u787-g3aj

vulnerability	VCID-vhxq-1hqq-77bx

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12

url pkg:pypi/ansible@2.10.0

purl pkg:pypi/ansible@2.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2z4k-r21v-rfgx

vulnerability	VCID-8u2v-jtqe-dqg3

vulnerability	VCID-am9g-ba4h-sfhr

vulnerability	VCID-hjc4-jcfm-7be5

vulnerability	VCID-p4p5-29r5-8qh9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0

aliases CVE-2020-14330, GHSA-785x-qw4v-6872, PYSEC-2020-3

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vhxq-1hqq-77bx

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0rc1

Package Instance